99% of Android Phones Vulnerable to Data Leak; Google Working on Quick Fix

[Guest]

[citation][nom]molo9000[/nom]Is that why they made 8.5billion dollars profit last year? Google has a higher profit margin than Apple ffs![/citation]

Umm one word ADVERTISING!!!!!!!!

You do not pay, advertising pays! You search or e-mail or browse for FREE FFS!

 

[jimsocks]

quick fix that will take carriers months to release lol

 

[cyprod]

[citation][nom]watcha[/nom]I wonder how different the reaction would be if this MASSIVE failure on Google's part leaving EVERY user vulnerable while using public Wifi has been done by Apple...Just shows that the objectivity is severely lacking with the apple-haters.[/citation]
Sorry, but no. The difference is that other than one poster so far, google folks are like "well, it's good it got caught before any widespread use" and "that sucks", "I'm glad they're fixing this quickly", etc.

If it'd been apple that had done it, the google response would be expected, but the apple users would say stuff such as "it's a feature!" or "who would do that anyway, it's not a big deal" or, "I don't mind, I think it's kind of cool really".

You see the difference, right?

 

[virtualban]

[citation][nom]macewrox[/nom]Apple: Hey we have a new product for you.Applelover: Oh yeah?! What's new about it?Apple: Don't worry about that. It's new.Applelover: What? Oh okay.Apple: You don't want to be left in the past now do you? Come on..Applelover: How much?Apple: How much you got?Applelover: My life savings.Apple: I'll take it.[/citation]
Thanks for the smiles. Thumbs up.

 

[Guest]

For comments like:

"This sort of thing happens to every OS - none are immune."

"quick fix that will take carriers months to release lol"

Please read the entire article!!

This is not a bug on android and carriers have nothing to do with it.
This is a server side issue and it will get fixed in a couple days.

 

[hunter315]

And thats why you shouldnt be connecting to random wifi networks...

 

[dread_cthulhu]

Researchers say that hackers can easy extract this information from an Android phone through the use of a fake, "dummy" wireless network that a user's phone would try to connect itself to.

Sorry to be a grammar Nazi... the appropriate word is "easily"...

 

[Yuka]

Well, Sony worked on the PSN subject very "quickly"... We all saw how that turned out, lol.

Don't fail on us, Google. At least, security wise XD

Cheers!

 

[molo9000]

[citation][nom]moricon[/nom]Umm one word ADVERTISING!!!!!!!!You do not pay, advertising pays! You search or e-mail or browse for FREE FFS![/citation]

Google's high advertising prices (google had a 29% profit margin last year) raise the costs of other companies, which ultimately increases the price of products you buy.
(And don't forget about your loss of privacy.)

Nothing in life is free. Things are indeed quite expensive if a company has a market dominating position like Google.

 

[chfireball]

for all the fanboys, this has been a issue for sometime now. no im not going to google it for you. it's become a big enough issue for google to do something about it. i just wish toms would post the whole story as to not be feeding the trolls.

 

[Kami3k]

Doesn't affect me from the details I read in the article. I turned off Wi-Fi the day I got my Droid 2.

 

[sundragon]

Wait... Android has a flaw?!?!? I thought only Apple had flaws.... Quick fix?!? Well, good luck - with the fragmentation of the Android OS and the fact that carriers aren't pushing updates (I know because I have a few friends with relatively new phones with 2.1 on them, including a Droid tablet) This will be interesting test of Google's ability to patch these things effectively.

 

[twu]

Tom's advertising "main page" hold up 50% of my 21 inche monitor. Cry out loud!

 

[milktea]

Very misleading title... 99%...
most people with Android phones I know do not connect to 'unknown' WiFi networks. it's nothing new with this type of exploit. so I don't know how you'd come up with the 99% number?

 

[NapoleonDK]

I'm very curious as to EXACTLY what is happening here. The article says that the server replies with an authToken over HTTP, but it doesn't DIRECTLY say that Android INITIALLY SENDS CREDENTIALS over HTTPS. Can anyone find a link that states this?

The article also states that this does not affect Gingerbread or Honeycomb, does that mean that devices running those OS's contact different servers than Froyo/Eclair devices do? Or that the servers have been set up to respond differently to more modern Android devices?

Having a hard time finding facts here. =\

 

[robochump]

Are all the iSheep spouting Apple haters looking for things to pick on Apple about to divert Android issues? hehe. Well hopefully Google will learn from this.

 

[sundragon]

Loving all the defensive comments by the Android fan boys who sound like Apple fan boys... One cult vs another... Little kids fighting in a sandbox...

 

[robochump]

Yeah, just be happy its American companies being innovative! So I am all for either Android, Win7 Phone, and iOS. Competition = better for us consumers!

 

[JD13]

Thanks to my provider (Verizon) I'm stuck with 2.2 till they decide they are ready to release 2.3...

Google only made you think you are getting something for free.... They collect every little tid-bit of info on you, then sell it to companies as market research or a profile. What do you think they need huge data centers for?

 

[damric]

I really need to get into hacking. Seems quite profitable these days.